Intel VTune Profiler and oneAPI Base Toolkits Privilege Escalation Vulnerability

A vulnerability allowing unauthorized privilege escalation has been identified in certain versions of Intel VTune Profiler and Intel oneAPI Base Toolkits prior to 2025.0. This issue arises from an uncontrolled search path in the software installer, which may be exploited by a system software adversary with authenticated user access. The attack, characterized by high complexity, requires active user interaction and could potentially be executed through local access without special internal knowledge. If exploited, this vulnerability could significantly impact the confidentiality, integrity, and availability of the affected system.

Impact

Exploitation of this vulnerability could lead to unauthorized privilege escalation, allowing a user to gain elevated rights or access within the system.

Remediation

Users are advised to update Intel VTune Profiler software to version 2025.0 or later. Updates can be downloaded from the Intel oneAPI Standalone Components page. Additionally, Intel oneAPI Base Toolkits should be updated to version 2025.0 or later, with downloads available from the Intel oneAPI Base Toolkit Download page.